Premium WordPress Integration

[deleted]

@clarkwinkelmann I'm suddenly getting the below message when I attempt to login

{"success":false,"data":[{"code":"kilowhat_flarum_api_error","message":"Received status code 500 from Flarum API at https:\/\/hub.phenomlab.com\/api\/kilowhat\/wordpress\/user\/login\/6586. Body: "}]}

Any ideas ?

This started happening after an upgrade to sitemap, but not sure if it's related

[2020-07-25 00:00:04] production.ERROR: TypeError: Return value of FoF\Sitemap\Resources\Discussion::lastModifiedAt() must be an instance of Carbon\Carbon, null returned in /var/www/vhosts/phenomlab.com/hub.phenomlab.com/vendor/fof/sitemap/src/Resources/Discussion.php:47

Thanks

clarkwinkelmann

[deleted] please check the Flarum log file. Or enable debug mode in Flarum and try again.

EDIT: that Sitemap error is the same that was shared on the Sitemap discussion. Seems like we need a fix in Sitemap.

[deleted]

clarkwinkelmann Doesn't provide an option for debug - this looks like an API call (message I posted earlier). There's also nothing in the logs other than what I have posted.

Presently, nobody cal login - including me :-(

[deleted]

clarkwinkelmann Thanks. Removed fof/sitemap which didn't make any difference.

clarkwinkelmann

[deleted] actually, I see the error message says "Body: " followed by nothing. This means no error page nor JSON was returned. So the error must be coming from the webserver or a proxy, and not Flarum.

[deleted]

clarkwinkelmann Hmm - I haven't made any changes ! Going for a reboot to see if that resolves it.

[deleted]

Still doesn't fix it. I had an error in my NGINX config, but I've fixed that. The error message remains the same.

clarkwinkelmann

[deleted] I'm afraid there's not much more I can do.

Possibly I could show the error response headers as well in the error message but even then it might not help find the origin of the error at all. All I can say looking at the error message it's that it's likely not Flarum because the body would contain JSON if so.

You can also try hitting that Flarum endpoint yourself with a POST request and an admin API key to experience the error yourself.

[deleted]

clarkwinkelmann Thanks for the help Clark. Turns out that my PLESK configuration had somehow become corrupted (a bit worrying) so ran the repair utility and am back in business 🙂

benjaminschultz

Hey everyone - I've been on a journey to get this working on my site over the weekend. For anyone having these problems in the future, here's what I've had to do so far:

Move my flarum site from a separate domain to a subdomain of my wordpress domain because it seems in 2020 there is almost literally no way to share cookies between domains (this is a shame because with the prevalence of the new TLDs, I expect many sites will want to adopt something like "example.community" as their forum address). As an interesting note, stack exchange seems to have figured this out, but it does not appear to have been an easy process and they're not sharing the exact details.
I had the exact same problem as troymccann (and troymccann ) of getting the error "We could not authenticate with the given credentials. Double-check the URL, username and password." I spoke with SiteGround at some length and they could not figure out why I got a 401 error when trying to use the api token. Finally, while troubleshooting, I installed "miniOrange API Authentication" which gave a more verbose error. In their documentation they recommend the following specific instructions which fixed my problem (I had tried something similar before but I must not have put the code in just the right spot in .htaccess)

This error may occur because of server environment,If Apache server then put the below line in your htaccess file after the RewriteBase.

RewriteCond %{HTTP:Authorization} ^(.*) RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

If NGINX server then put the below line in your conf file.

add_header Access-Control-Allow-Headers "Authorization";

Finally, I can connect and get a "Health check good", now though I'm having the error upon user login: {"success":false,"data":[{"code":"http_request_failed","message":"cURL error 60: SSL certificate problem: unable to get local issuer certificate"}]} which was shared by [deleted]

[deleted] says it turned out to be a caching problem but I have cleared by siteground and cloudflare caches and confirmed the two sites are using the same SSL certificate from cloudflare. (According to chrome, at least)

What's my next troubleshooting step?

[deleted]

benjaminschultz the cURL error is related to an invalid certificate. If you visit ssllabs and run a test against the domain, what is the output ?

clarkwinkelmann

[deleted] thanks for pitching in with the help! That sounds indeed like the server is missing some local CA certificates to be able to validate the other website's certificate.

benjaminschultz Move my flarum site from a separate domain to a subdomain of my wordpress domain because it seems in 2020 there is almost literally no way to share cookies between domains

Yes indeed. A solution around cookie-based global login would be redirect-based global login. But because of the high risk of breaking Wordpress plugins that way and the fact most forum will run on a common domain I made the choice to not implement this at this time and go with cookies. But this could still be added as an option at a later time.

The in-Flarum login actually already uses a variation of the redirect-based login. So if you don't need global login when logging in from Wordpress but want global login when logging in from Flarum, that's what should happen when using two completely different domains already.

benjaminschultz

[deleted] So far the primary and subdomains both get a "B" - I'm not sure what I should be looking for in these results, though:

primary domain

subdomain

[deleted]

benjaminschultz it's more about the cert being valid which it seems to be the case. As it's cloudflare, do you have the intermediary CA cert installed also ?

[deleted]

@benjaminschultz one of my favourite ways to test SSL validity is this site https://www.sslshopper.com/ssl-checker.html

It'll tell you if your SSL chain is valid, or if it's broken. My guess is the latter.

benjaminschultz

[deleted]

I had done an SSL chain check earlier on another site and it gave "good". This one is as well.

Now I'm trying to determine how to install the cloudflare intermediary cert in SiteGround. I may need to ping their support again.

benjaminschultz

Ok! I have gone to Cloudflare Dashboard > SSL/TLS > Orgin Server and created a new key that I then uploaded in siteground under Security > SSL Manager. The login still doesn't appear to be working, though.

Edit: and I have updated my cloudflare settings to:
"Full (strict)
Encrypts end-to-end, but requires a trusted CA or Cloudflare Origin CA certificate on the server"

The fact that I enabled that successfully tells me my origin certificate is installed properly, yes? But my wordpress login is still presenting the same error.

[deleted]

benjaminschultz what happens if you set the level to either full or flexible ?

benjaminschultz

[deleted] It has been on "full" the whole time until I changed it to Full (strict), so same behavior there. On "flexible" the site stops resolving completely (too many redirects)... Back to Full (strict) now.

Edit: SiteGround says I am missing my CA Bundle on my 3rd party certificate. I will find that from CloudFlare this morning and hopefully my issues will be resolved!

benjaminschultz

I have made some progress with the help of SiteGround support (they're great, by the way). However I have now ended up with a flarum-related error upon login:

{"success":false,"data":[{"code":"kilowhat_flarum_api_error","message":"Received status code 400 from Flarum API at https:\/\/social.concept.app\/api\/kilowhat\/wordpress\/user\/login\/2. Body: {\"errors\":[{\"status\":\"400\",\"code\":\"csrf_token_mismatch\"}]}"}]}

What's my next troubleshooting step? I'm also now locked out of my flarum backend because I can't log in through wordpress and I have the integration enabled.

clarkwinkelmann

benjaminschultz did you completely restart the extension installation after fixing the HTTPS issues?

I'd recommend following https://kilowhat.net/flarum/extensions/wordpress#the-installation-wizard-is-stuck to use the Wizard again and ensure a working API key is synced between Wordpress and Flarum.

If you are completely locked outside of Flarum, you'll need to go into your database with a tool like phpMyAdmin and delete the kilowhat-wordpress.wordpress_login_only entry in the settings table, or if you ended up with all user accounts connected to Wordpress, you can unlink them by setting kilowhat_wordpress_user_id to NULL in the users table for the corresponding user, which will allow the user to login with Flarum username/password again.

Another possible reason for the "csrf_token_mismatch" error could be that just like on Wordpress, the "Authorization" header is not forwarded to Flarum by the webserver, making Flarum think it's a web request instead of an API request. Maybe the same fix that worked for Wordpress will work for Flarum if both are using the same webserver.

I hope this helps!

« Previous Page Next Page »